Authors - Damla Karagozlu, Kian Jazayeri, Ahmet Adalier Abstract - The security of resource-constrained Internet of Things (IoT) devices is increasingly reliant on Zero-Trust Architecture (ZTA) models, as continuous authentication and behavioral-based trust are providing new models to help mitigate against more sophisticated threats. The proposed framework helps strengthen secure and reliable digital infrastructure for emerging smart technologies and connected environments. In developing a ZTA security framework specifically for limited re-sources (IoT), the study proposed a lightweight version that combines Elliptic Curve Cryptography (ECC)-based authentication, real- time determination of trust scores, and the use of machine learning to detect behaviorally-based attack pat-terns from a real attack dataset. In addition, the real-time analysis of device trust scores provides a means to understand which devices are performing in accordance with established expectations or displaying behavior consistent with an at-tack, and when these devices will reach those levels. Combining a lightweight ECC authentication with a (trust) behaviorally-driven approach to anomaly detection provides a means to enforce Zero-Trust by minimizing any adverse effects on computational performance ability in IoT environments. Therefore, the approach provides a practical and scalable foundation for Zero-Trust security in future IoT deployments where devices will have limited hardware resources.
Open Zoom